﻿<%@language=vbscript codepage=65001%>
<%Option Explicit%>
<%
Response.CodePage=65001
Response.Charset="UTF-8"
Session.CodePage = 65001
'**************************************************************
' Software Name: EasyesESYS
' Web: http://www.Easyes.com.cn
'**************************************************************
%>
<!--#include file="Config/Config.asp"-->
<!--#include file="Config/function.asp"-->
<!--#include file="Config/Conn.asp"-->
<!--#include file="Config/md5.asp"--><%
Dim ErrMsg
Dim Username,Password,CheckCode,AdminLoginCode,AutoRemberLoginName
	Username=Checkstr(trim(request("username")))
	Password=Checkstr(trim(Request("password")))
	CheckCode=Checkstr(trim(Request("CheckCode")))
	AdminLoginCode=trim(Request("AdminLoginCode"))
	AutoRemberLoginName=trim(Request("AutoRemberLoginName"))
If AutoRemberLoginName="1" Then
	Response.Cookies("ESYSLoginName")("AutoRemberLoginName")=UserName
Else
	Response.Cookies("ESYSLoginName")("AutoRemberLoginName")=""
End If
if UserName="" then
	FoundErr=True
	ErrMsg=ErrMsg & "·登录失败:用户名不能为空！\n"
end if
if Password="" then
	FoundErr=True
	ErrMsg=ErrMsg & "·登录失败:密码不能为空！\n"
end if
if CheckCode="" then
	FoundErr=True
	ErrMsg=ErrMsg & "·登录失败:验证码不能为空！\n"
end if
if CStr(session("GetCode"))="" then
	FoundErr=True
	ErrMsg=ErrMsg & "·登录失败:你登录时间过长，请重新返回登录页面进行登录！\n"
end if
if cstr(CheckCode)<>CStr(session("GetCode")) then
	FoundErr=True
	ErrMsg=ErrMsg & "·登录失败:您输入的验证码和系统产生的不一致，请重新输入！\n"
end if
If EnableSiteManageCode = True And AdminLoginCode <> SiteManageCode Then
	FoundErr=True
	ErrMsg=ErrMsg & "·登录失败:您输入的后台管理认证码不对，请重新输入！\n"
End If
Dim FoundErr
if FoundErr<>True then
	password=md5(CfsEnCode(password))
Dim rs,sql
	set rs=server.createobject("adodb.recordset")
	sql="select * from Easyes_Manage where password='"&Password&"' and username='"&Username&"'"
	rs.open sql,conn,1,3
if rs.bof and rs.eof then
	FoundErr=True
	ErrMsg=ErrMsg & "·登录失败:用户名或密码错误！\n"
else
if password<>rs("password") then
	FoundErr=True
	ErrMsg=ErrMsg & "·登录失败:用户名或密码错误！\n"
else
	rs("LastLoginIP")=Request.ServerVariables("REMOTE_ADDR")
	rs("LastLoginTime")=now()
	rs("LoginTimes")=rs("LoginTimes")+1
	rs.update
	session.Timeout=SessionTimeout
	session("admin")=rs("UserName")
	session("purview")=rs("purview")
	session("LastLoginIP")=rs("LastLoginIP")
	session("LastLoginTime")=rs("LastLoginTime")
	session("LastLogoutTime")=rs("LastLogoutTime")
	session("LoginTimes")=rs("LoginTimes")
	rs.close
	set rs=nothing
	call CloseConn()
	Response.Redirect "Admin_Index.asp"
end if
end if
	rs.close
	set rs=nothing
end if
if FoundErr=True then
	call WriteErrMsg(ErrMsg)
end if
	Call CloseConn()
%>